SPF, DMARC and, DKIM are the email security protocols used by companies or businesses to prevent various phishing attacks. Phishing and email spam are the biggest opportunities for hackers to enter the network. If a user clicks on a malicious email attachment, it can compromise an entire enterprise with ransomware, crypto-jacking scripts, data leakages, or privilege escalation exploits.
Source - From the Internet |
DKIM is an acronym for DomainKeys Identified Mail. When sending an email from a server that has DKIM configured, the server will hash the body and the header of the email separately. It will then, create a signature with a private key which will send along with the email.
When the receiver receives the email, it will do a DNS request to the domain that the email claim it is from. By doing so, the receiver will get the public key which is the DKIM record. It will then with the key can verify whether the signature is correct or not, and by doing so it will confirm that the sender is genuine and the mail has not been manipulated on its way there.
CHECKING FOR DKIM RECORDS
- Go to DKIM Records Lookup.
DKIM Records Lookup by MX Toolbox |
- Enter the domain name and selector (A DKIM selector is text, that is added with the domain to create a unique DNS record used during DKIM. This allows multiple keys to existing under one domain which allows for different signatures to be created by different systems, date ranges, or third-party services). For example, GitHub.com.
Create DKIM Records
- s - This is the selector and it indicates the record “name” used with the domain to locate the public key in DNS. The sender creates this (again, ideally automatically).
- d - This indicates the domain, used by the sender. Used with the selector record and helps locate the public key.
- p - This is the actual public key that gets published to DNS as part of the record. Therefore, it will look like a random set of upper and lower case letters, numbers, and some punctuation marks.
- Selector (s): 2B8U4DAB93D58YR
- Domain (d): yourdomain.com
- Public Key (p): MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1TaNgLlSyQMNWVLNLvyY/neDgaL2oqQE8T5illKqCgDtFHc8eHVAU+nlcaGmrKmDMw9dbgiGk1ocgZ56NR4ycfUHwQhvQPMUZw0cveel/8EAGoi/UyPmqfcPibytH81NFtTMAxUeM4Op8A6iHkvAMj5qLf4YRNsTkKAV
No comments:
Post a Comment